smaak 0.1.16 → 0.1.17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/README.md +5 -0
- data/lib/smaak/server.rb +3 -1
- data/lib/smaak/version.rb +1 -1
- data/spec/lib/smaak/server_spec.rb +9 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f45f06921b628e88bdca56b549ece83df6ec865c
|
|
4
|
+
data.tar.gz: 2e1c446e1f3f3eed67162ca298e8ad88dc75d000
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 99d952eb0657697c4247f6d5fc1c4fb0e37ce320d31fa8ad483e008becd1958a05225cd7bbd64ed004d2e19d1df16faccd5ea80b835497e920dbdeb19f50cb0a
|
|
7
|
+
data.tar.gz: 95b53689765041860e3dcb3b5a652fb98409facf274596ce88c06fc74f897813140e134391209983268f11ea843542d907fa1ed66da0add5b8ecb6332b0d447d
|
data/.gitignore
CHANGED
data/README.md
CHANGED
|
@@ -44,6 +44,11 @@ When setting up a Smaak::Server, tell the server of your SmaakService and verify
|
|
|
44
44
|
end
|
|
45
45
|
end
|
|
46
46
|
|
|
47
|
+
Note: verification of intended recipient can be disabled, e.g. in cases of dynamic
|
|
48
|
+
trust stores as follows. USE WITH CAUTION:
|
|
49
|
+
|
|
50
|
+
server.verify_recipient = false
|
|
51
|
+
|
|
47
52
|
### Example Client
|
|
48
53
|
|
|
49
54
|
A Smaak::Client operates on an instance of an HTTP request. The Smaak module can be told about different request technology implementations by providing an adaptor to a request technology (Smaak::add_request_adaptor). The gem ships with a Net::HTTP adaptor. Call Smaak::create_adaptor with your request to get an instance of an adaptor.
|
data/lib/smaak/server.rb
CHANGED
|
@@ -6,10 +6,12 @@ module Smaak
|
|
|
6
6
|
class Server < Associate
|
|
7
7
|
attr_accessor :nonce_store
|
|
8
8
|
attr_reader :private_key
|
|
9
|
+
attr_accessor :verify_recipient
|
|
9
10
|
|
|
10
11
|
def initialize
|
|
11
12
|
super
|
|
12
13
|
@nonce_store = Persistent::Cache.new("nonce_store", @token_life, Persistent::Cache::STORAGE_RAM)
|
|
14
|
+
@verify_recipient = true
|
|
13
15
|
end
|
|
14
16
|
|
|
15
17
|
def set_public_key(key)
|
|
@@ -45,7 +47,7 @@ module Smaak
|
|
|
45
47
|
return false
|
|
46
48
|
end
|
|
47
49
|
puts "[smaak error]: public key not set. Did you call set_public_key() ?" if @key.nil?
|
|
48
|
-
if not auth_message.intended_for_recipient?(@key.export)
|
|
50
|
+
if (@verify_recipient) and (not auth_message.intended_for_recipient?(@key.export))
|
|
49
51
|
puts "[smaak error]: message not intended for this recipient"
|
|
50
52
|
return false
|
|
51
53
|
end
|
data/lib/smaak/version.rb
CHANGED
|
@@ -145,6 +145,15 @@ describe Smaak::Server do
|
|
|
145
145
|
expect(@iut.verify_auth_message(auth_message)).to eql(false)
|
|
146
146
|
end
|
|
147
147
|
|
|
148
|
+
it "should return true if the auth_message is not intended for the recipient, but recipient verification is disabled" do
|
|
149
|
+
env = @env
|
|
150
|
+
env["HTTP_X_SMAAK_RECIPIENT"] = Base64.strict_encode64("another-recipient")
|
|
151
|
+
auth_message = mock_auth_message(env)
|
|
152
|
+
@iut.verify_recipient = false
|
|
153
|
+
expect(@iut.verify_auth_message(auth_message)).to eql(true)
|
|
154
|
+
@iut.verify_recipient = true
|
|
155
|
+
end
|
|
156
|
+
|
|
148
157
|
it "should return false if the auth_message's pre-shared key does not match the association's, indexed by the auth message's identifier field" do
|
|
149
158
|
env = @env
|
|
150
159
|
env["HTTP_X_SMAAK_PSK"] = "doesnotmatch"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: smaak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ernst van Graan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-05-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: persistent-cache-ram
|